41.80.0.9 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: Safaricom Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Feb 18 14:24:24 localhost kernel: [1816217.968177] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=41.80.0.9 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=10998 DF PROTO=TCP SPT=55723 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 18 14:24:27 localhost kernel: [1816220.969069] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=41.80.0.9 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=23409 DF PROTO=TCP SPT=53896 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 18 14:24:36 localhost kernel: [1816230.413040] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=41.80.0.9 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=30098 DF PROTO=TCP SPT=51280 DPT=8728 WINDOW=8192 RES=0x00 SYN URGP=0	2020-02-19 00:23:10

Type

Details

Datetime

attackbots

Feb 18 14:24:24 localhost kernel: [1816217.968177] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=41.80.0.9 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=10998 DF PROTO=TCP SPT=55723 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 
Feb 18 14:24:27 localhost kernel: [1816220.969069] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=41.80.0.9 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=23409 DF PROTO=TCP SPT=53896 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 
Feb 18 14:24:36 localhost kernel: [1816230.413040] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=41.80.0.9 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=30098 DF PROTO=TCP SPT=51280 DPT=8728 WINDOW=8192 RES=0x00 SYN URGP=0

2020-02-19 00:23:10

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.80.0.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.80.0.9.			IN	A

;; AUTHORITY SECTION:
.			223	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021801 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 00:23:04 CST 2020
;; MSG SIZE  rcvd: 113

Host info

Host 9.0.80.41.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 9.0.80.41.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.158.193.111	attackspambots	82/tcp [2019-09-29]1pkt	2019-09-30 01:35:17
222.186.180.17	attackspambots	SSH Brute Force, server-1 sshd[3502]: Failed password for root from 222.186.180.17 port 59750 ssh2	2019-09-30 01:28:41
177.43.31.220	attackbots	445/tcp 445/tcp 445/tcp [2019-09-27]3pkt	2019-09-30 01:09:35
51.15.58.201	attackbots	2019-09-29T14:44:12.038888abusebot-7.cloudsearch.cf sshd\[14773\]: Invalid user magalie from 51.15.58.201 port 52752	2019-09-30 01:34:34
172.68.74.28	attackspam	8443/tcp 8080/tcp... [2019-07-31/09-27]15pkt,2pt.(tcp)	2019-09-30 01:10:53
202.51.110.214	attack	Sep 29 19:33:47 vps01 sshd[25289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.110.214 Sep 29 19:33:49 vps01 sshd[25289]: Failed password for invalid user admin123 from 202.51.110.214 port 39775 ssh2	2019-09-30 01:44:50
203.160.61.156	attackspambots	Brute force attempt	2019-09-30 01:01:41
222.163.15.82	attackbots	23/tcp 23/tcp [2019-09-27]2pkt	2019-09-30 01:07:28
190.146.40.67	attackbots	Sep 29 15:03:36 MK-Soft-Root1 sshd[12755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.40.67 Sep 29 15:03:38 MK-Soft-Root1 sshd[12755]: Failed password for invalid user suporte from 190.146.40.67 port 43314 ssh2 ...	2019-09-30 01:36:21
43.226.146.112	attackbotsspam	Sep 29 09:37:30 mail sshd\[19117\]: Invalid user nt from 43.226.146.112 Sep 29 09:37:30 mail sshd\[19117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.146.112 ...	2019-09-30 01:24:12
202.119.81.229	attackspambots	Sep 29 19:36:28 pkdns2 sshd\[52039\]: Invalid user umountfs from 202.119.81.229Sep 29 19:36:29 pkdns2 sshd\[52039\]: Failed password for invalid user umountfs from 202.119.81.229 port 38972 ssh2Sep 29 19:40:44 pkdns2 sshd\[52231\]: Invalid user test from 202.119.81.229Sep 29 19:40:46 pkdns2 sshd\[52231\]: Failed password for invalid user test from 202.119.81.229 port 41762 ssh2Sep 29 19:45:04 pkdns2 sshd\[52355\]: Invalid user login from 202.119.81.229Sep 29 19:45:05 pkdns2 sshd\[52355\]: Failed password for invalid user login from 202.119.81.229 port 44552 ssh2 ...	2019-09-30 01:25:13
52.24.98.96	attack	Sep 29 15:37:52 icinga sshd[13294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.24.98.96 Sep 29 15:37:55 icinga sshd[13294]: Failed password for invalid user sangley_xmb1 from 52.24.98.96 port 44420 ssh2 Sep 29 15:48:29 icinga sshd[20243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.24.98.96 ...	2019-09-30 01:11:41
178.214.254.251	attackbots	Lines containing failures of 178.214.254.251 Sep 26 11:18:32 shared04 sshd[5714]: Invalid user martin from 178.214.254.251 port 51227 Sep 26 11:18:32 shared04 sshd[5714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.214.254.251 Sep 26 11:18:34 shared04 sshd[5714]: Failed password for invalid user martin from 178.214.254.251 port 51227 ssh2 Sep 26 11:18:34 shared04 sshd[5714]: Received disconnect from 178.214.254.251 port 51227:11: Bye Bye [preauth] Sep 26 11:18:34 shared04 sshd[5714]: Disconnected from invalid user martin 178.214.254.251 port 51227 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.214.254.251	2019-09-30 01:29:53
185.38.3.138	attack	Sep 29 12:00:52 web8 sshd\[4140\]: Invalid user pano from 185.38.3.138 Sep 29 12:00:52 web8 sshd\[4140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.38.3.138 Sep 29 12:00:54 web8 sshd\[4140\]: Failed password for invalid user pano from 185.38.3.138 port 49124 ssh2 Sep 29 12:04:59 web8 sshd\[6127\]: Invalid user mw from 185.38.3.138 Sep 29 12:04:59 web8 sshd\[6127\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.38.3.138	2019-09-30 00:55:50
123.108.200.150	attackbotsspam	Sep 29 18:42:46 vps691689 sshd[16009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.200.150 Sep 29 18:42:48 vps691689 sshd[16009]: Failed password for invalid user osvi from 123.108.200.150 port 42162 ssh2 Sep 29 18:47:36 vps691689 sshd[16119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.200.150 ...	2019-09-30 00:58:17

Recently Reported IPs

115.239.229.179	103.110.39.120	103.110.36.214	132.232.140.12
78.188.16.54	207.46.13.11	182.200.36.41	107.175.62.139
216.194.165.139	192.241.222.128	80.90.86.162	58.16.112.98
202.153.34.243	150.107.42.238	106.51.153.69	103.110.19.87
103.225.101.18	103.110.19.42	60.214.233.35	220.135.66.61